A company has several conference rooms with wired network jacks that are used by both employees and
guests. Employees need access to internal resources and guests only need access to the Internet. Which of
the following combinations is BEST to meet the requirements?
NAT and DMZ
VPN and IPSec
Switches and a firewall
802.1x and VLANs
802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication
Protocol (EAP) and is commonly used in closed-environment wireless networks. 802.1x was initially used to
compensate for the weaknesses of Wired Equivalent Privacy (WEP), but today it’s often used as a component
in more complex authentication and connection-management systems, including Remote Authentication Dial-In
User Service (RADIUS), Diameter, Cisco System’s Terminal Access Controller Access-Control System Plus
(TACACS+), and Network Access Control (NAC).
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. By
default, all ports on a switch are part of VLAN 1. But as the switch administrator changes the VLAN assignment
on a port-by-port basis, various ports can be grouped together and be distinct from other VLAN port
designations. VLANs are used for traffic management. Communications between ports within the same VLAN
occur without hindrance, but communications between VLANs require a routing function.